simon/CTF
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

init htb

Browse Source 
old htb folders
This commit is contained in:
Simon
2023-08-29 21:53:22 +02:00
parent 62ab804867
commit 82b0759f1e
21891 changed files with 6277643 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
HTB/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_curl-robots.txt Normal file
View File

@@ -0,0 +1,64 @@
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 Feb 2023 22:45:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2881
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
ETag: W/"b41-tn8t3x3qcvcm126OQ/i0AXwBj8M"
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<link rel = "stylesheet" href = "/css/main.css">
<link rel="stylesheet" href="/css/bootstrap.min.css">
<!-- style css -->
<link rel="stylesheet" href="/css/style.css">
<!-- Responsive-->
<link rel="stylesheet" href="/css/responsive.css">
<!-- fevicon -->
<link rel="icon" href="/static/blue.png" type="image/png" />
<!-- Scrollbar Custom CSS -->
<link rel="stylesheet" href="/css/jquery.mCustomScrollbar.min.css">
<!-- Tweaks for older IEs-->
<link rel="stylesheet" href="/css/font-awesome.css">
<link rel="stylesheet" href="/css/jquery.fancybox.min.css" media="screen">
<link rel="stylesheet" href="/static/vendors/mdi/css/materialdesignicons.min.css">
<link rel="stylesheet" href="/static/vendors/feather/feather.css">
<link rel="stylesheet" href="/static/vendors/base/vendor.bundle.base.css">
<link rel="stylesheet" href="/static/vendors/flag-icon-css/css/flag-icon.min.css">
<link rel="stylesheet" href="/static/vendors/font-awesome/css/font-awesome.min.css">
<link rel="stylesheet" href="/static/vendors/jquery-bar-rating/fontawesome-stars-o.css">
<link rel="stylesheet" href="/static/vendors/jquery-bar-rating/fontawesome-stars.css">
<link rel="stylesheet" href="/static/css/style.css">
<title>Hat Valley</title>
<link href="/js/app.js" rel="preload" as="script"><link href="/js/chunk-vendors.js" rel="preload" as="script"></head>
<body>
<noscript>
<strong>We're sorry but hat-valley doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
</noscript>
<div id="app"></div>
<!-- built files will be auto injected -->
<script src="/js/jquery.min.js"></script>
<script src="/js/popper.min.js"></script>
<script src="/js/bootstrap.bundle.min.js"></script>
<script src="/js/jquery-3.0.0.min.js"></script>
<script src="/js/plugin.js"></script>
<!-- sidebar -->
<script src="/js/jquery.mCustomScrollbar.concat.min.js"></script>
<script src="/js/custom.js"></script>
<script src="/js/jquery.fancybox.min.js"></script>
<script src="/static/vendors/base/vendor.bundle.base.js"></script>
<script src="/static/js/off-canvas.js"></script>
<script src="/static/js/hoverable-collapse.js"></script>
<script src="/static/js/template.js"></script>
<script src="/static/vendors/chart.js/Chart.min.js"></script>
<script src="/static/vendors/jquery-bar-rating/jquery.barrating.min.js"></script>
<script src="/static/js/dashboard.js"></script>
<script type="text/javascript" src="/js/chunk-vendors.js"></script><script type="text/javascript" src="/js/app.js"></script></body>
</html>

65
HTB/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_curl.html Normal file
View File

@@ -0,0 +1,65 @@
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 Feb 2023 22:45:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2881
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
ETag: W/"b41-tn8t3x3qcvcm126OQ/i0AXwBj8M"
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<link rel = "stylesheet" href = "/css/main.css">
<link rel="stylesheet" href="/css/bootstrap.min.css">
<!-- style css -->
<link rel="stylesheet" href="/css/style.css">
<!-- Responsive-->
<link rel="stylesheet" href="/css/responsive.css">
<!-- fevicon -->
<link rel="icon" href="/static/blue.png" type="image/png" />
<!-- Scrollbar Custom CSS -->
<link rel="stylesheet" href="/css/jquery.mCustomScrollbar.min.css">
<!-- Tweaks for older IEs-->
<link rel="stylesheet" href="/css/font-awesome.css">
<link rel="stylesheet" href="/css/jquery.fancybox.min.css" media="screen">
<link rel="stylesheet" href="/static/vendors/mdi/css/materialdesignicons.min.css">
<link rel="stylesheet" href="/static/vendors/feather/feather.css">
<link rel="stylesheet" href="/static/vendors/base/vendor.bundle.base.css">
<link rel="stylesheet" href="/static/vendors/flag-icon-css/css/flag-icon.min.css">
<link rel="stylesheet" href="/static/vendors/font-awesome/css/font-awesome.min.css">
<link rel="stylesheet" href="/static/vendors/jquery-bar-rating/fontawesome-stars-o.css">
<link rel="stylesheet" href="/static/vendors/jquery-bar-rating/fontawesome-stars.css">
<link rel="stylesheet" href="/static/css/style.css">
<title>Hat Valley</title>
<link href="/js/app.js" rel="preload" as="script"><link href="/js/chunk-vendors.js" rel="preload" as="script"></head>
<body>
<noscript>
<strong>We're sorry but hat-valley doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
</noscript>
<div id="app"></div>
<!-- built files will be auto injected -->
<script src="/js/jquery.min.js"></script>
<script src="/js/popper.min.js"></script>
<script src="/js/bootstrap.bundle.min.js"></script>
<script src="/js/jquery-3.0.0.min.js"></script>
<script src="/js/plugin.js"></script>
<!-- sidebar -->
<script src="/js/jquery.mCustomScrollbar.concat.min.js"></script>
<script src="/js/custom.js"></script>
<script src="/js/jquery.fancybox.min.js"></script>
<script src="/static/vendors/base/vendor.bundle.base.js"></script>
<script src="/static/js/off-canvas.js"></script>
<script src="/static/js/hoverable-collapse.js"></script>
<script src="/static/js/template.js"></script>
<script src="/static/vendors/chart.js/Chart.min.js"></script>
<script src="/static/vendors/jquery-bar-rating/jquery.barrating.min.js"></script>
<script src="/static/js/dashboard.js"></script>
<script type="text/javascript" src="/js/chunk-vendors.js"></script><script type="text/javascript" src="/js/app.js"></script></body>
</html>

10
HTB/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_feroxbuster_dirbuster.txt Normal file
View File

@@ -0,0 +1,10 @@
WLD GET 54l 163w 2881c Got 200 for http://hat-valley.htb/d24d1944513e4b5d8b7f4f60bcb0210e (url length: 32)
301 GET 10l 16w 173c http://hat-valley.htb/css => http://hat-valley.htb/css/
200 GET 1l 35w 4286c http://hat-valley.htb/favicon.ico
301 GET 10l 16w 171c http://hat-valley.htb/js => http://hat-valley.htb/js/
301 GET 10l 16w 179c http://hat-valley.htb/static => http://hat-valley.htb/static/
WLD GET 54l 163w 2881c Got 200 for http://hat-valley.htb/dda138e55e784b60b2e4c4dcc7ee80f5 (url length: 32)
301 GET 10l 16w 173c http://hat-valley.htb/css => http://hat-valley.htb/css/
200 GET 1l 35w 4286c http://hat-valley.htb/favicon.ico
301 GET 10l 16w 171c http://hat-valley.htb/js => http://hat-valley.htb/js/
301 GET 10l 16w 179c http://hat-valley.htb/static => http://hat-valley.htb/static/

1
HTB/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_hat-valley.htb_vhosts_subdomains-top1million-110000.txt Normal file
View File

@@ -0,0 +1 @@
store

64
HTB/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_known-security.txt Normal file
View File

@@ -0,0 +1,64 @@
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 Feb 2023 22:45:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2881
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
ETag: W/"b41-tn8t3x3qcvcm126OQ/i0AXwBj8M"
<!DOCTYPE html>
<html lang="">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<link rel = "stylesheet" href = "/css/main.css">
<link rel="stylesheet" href="/css/bootstrap.min.css">
<!-- style css -->
<link rel="stylesheet" href="/css/style.css">
<!-- Responsive-->
<link rel="stylesheet" href="/css/responsive.css">
<!-- fevicon -->
<link rel="icon" href="/static/blue.png" type="image/png" />
<!-- Scrollbar Custom CSS -->
<link rel="stylesheet" href="/css/jquery.mCustomScrollbar.min.css">
<!-- Tweaks for older IEs-->
<link rel="stylesheet" href="/css/font-awesome.css">
<link rel="stylesheet" href="/css/jquery.fancybox.min.css" media="screen">
<link rel="stylesheet" href="/static/vendors/mdi/css/materialdesignicons.min.css">
<link rel="stylesheet" href="/static/vendors/feather/feather.css">
<link rel="stylesheet" href="/static/vendors/base/vendor.bundle.base.css">
<link rel="stylesheet" href="/static/vendors/flag-icon-css/css/flag-icon.min.css">
<link rel="stylesheet" href="/static/vendors/font-awesome/css/font-awesome.min.css">
<link rel="stylesheet" href="/static/vendors/jquery-bar-rating/fontawesome-stars-o.css">
<link rel="stylesheet" href="/static/vendors/jquery-bar-rating/fontawesome-stars.css">
<link rel="stylesheet" href="/static/css/style.css">
<title>Hat Valley</title>
<link href="/js/app.js" rel="preload" as="script"><link href="/js/chunk-vendors.js" rel="preload" as="script"></head>
<body>
<noscript>
<strong>We're sorry but hat-valley doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
</noscript>
<div id="app"></div>
<!-- built files will be auto injected -->
<script src="/js/jquery.min.js"></script>
<script src="/js/popper.min.js"></script>
<script src="/js/bootstrap.bundle.min.js"></script>
<script src="/js/jquery-3.0.0.min.js"></script>
<script src="/js/plugin.js"></script>
<!-- sidebar -->
<script src="/js/jquery.mCustomScrollbar.concat.min.js"></script>
<script src="/js/custom.js"></script>
<script src="/js/jquery.fancybox.min.js"></script>
<script src="/static/vendors/base/vendor.bundle.base.js"></script>
<script src="/static/js/off-canvas.js"></script>
<script src="/static/js/hoverable-collapse.js"></script>
<script src="/static/js/template.js"></script>
<script src="/static/vendors/chart.js/Chart.min.js"></script>
<script src="/static/vendors/jquery-bar-rating/jquery.barrating.min.js"></script>
<script src="/static/js/dashboard.js"></script>
<script type="text/javascript" src="/js/chunk-vendors.js"></script><script type="text/javascript" src="/js/app.js"></script></body>
</html>

83
HTB/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_nmap.txt Normal file
View File

@@ -0,0 +1,83 @@
# Nmap 7.93 scan initiated Tue Feb 7 23:45:13 2023 as: nmap -vv --reason -Pn -T4 -sV -p 80 "--script=banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)" -oN /home/kali/htb/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_nmap.txt -oX /home/kali/htb/awkward/results/hat-valley.htb/scans/tcp80/xml/tcp_80_http_nmap.xml hat-valley.htb
Nmap scan report for hat-valley.htb (10.10.11.185)
Host is up, received user-set (0.040s latency).
rDNS record for 10.10.11.185: awkward.htb
Scanned at 2023-02-07 23:45:13 CET for 816s
Bug in http-security-headers: no string output.
PORT STATE SERVICE REASON VERSION
80/tcp open http syn-ack ttl 63 nginx 1.18.0 (Ubuntu)
|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
|_http-fetch: Please enter the complete path of the directory to save data in.
|_http-referer-checker: Couldn't find any cross-domain scripts.
|_http-config-backup: ERROR: Script execution failed (use -d to debug)
|_http-chrono: ERROR: Script execution failed (use -d to debug)
|_http-dombased-xss: Couldn't find any DOM based XSS.
|_http-devframework: Express detected. Found Express in X-Powered-By Header
| http-sitemap-generator:
| Directory structure:
| Longest directory structure:
| Depth: 0
| Dir: /
| Total files found (by extension):
|_
|_http-date: Tue, 07 Feb 2023 22:45:20 GMT; 0s from local time.
|_http-feed: Couldn't find any feeds.
| http-enum:
| /css/: Potentially interesting folder
|_ /js/: Potentially interesting folder
|_http-jsonp-detection: Couldn't find any JSONP endpoints.
|_http-comments-displayer: Couldn't find any comments.
|_http-errors: Couldn't find any error pages.
| http-useragent-tester:
| Status for browser useragent: 200
| Allowed User Agents:
| Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
| libwww
| lwp-trivial
| libcurl-agent/1.0
| PHP/
| Python-urllib/2.5
| GT::WWW
| Snoopy
| MFC_Tear_Sample
| HTTP::Lite
| PHPCrawl
| URI::Fetch
| Zend_Http_Client
| http client
| PECL::HTTP
| Wget/1.13.4 (linux-gnu)
|_ WWW-Mechanize/1.34
|_http-mobileversion-checker: No mobile version detected.
|_http-csrf: Couldn't find any CSRF vulnerabilities.
|_http-server-header: nginx/1.18.0 (Ubuntu)
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-title: Hat Valley
| http-php-version: Logo query returned unknown hash eec43f2e72fc1fa2be35d0ba190ea4fd
|_Credits query returned unknown hash eec43f2e72fc1fa2be35d0ba190ea4fd
|_http-litespeed-sourcecode-download: Request with null byte did not work. This web server might not be vulnerable
|_http-malware-host: Host appears to be clean
|_http-favicon: Unknown favicon MD5: 56BF0DDEA4641BFDDD743E1B04149554
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
| http-vhosts:
|_128 names had status 200
| http-headers:
| Server: nginx/1.18.0 (Ubuntu)
| Date: Tue, 07 Feb 2023 22:45:25 GMT
| Content-Type: text/html; charset=UTF-8
| Content-Length: 2881
| Connection: close
| X-Powered-By: Express
| Accept-Ranges: bytes
| ETag: W/"b41-tn8t3x3qcvcm126OQ/i0AXwBj8M"
|
|_ (Request type: HEAD)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Tue Feb 7 23:58:49 2023 -- 1 IP address (1 host up) scanned in 816.11 seconds

BIN
HTB/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_screenshot.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 40 KiB

78
HTB/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_whatweb.txt Normal file
View File

@@ -0,0 +1,78 @@
WhatWeb report for http://hat-valley.htb/
Status : 200 OK
Title : Hat Valley
IP : 10.10.11.185
Country : RESERVED, ZZ
Summary : Bootstrap[4.1.0], HTML5, HTTPServer[Ubuntu Linux][nginx/1.18.0 (Ubuntu)], JQuery[3.0.0], nginx[1.18.0], Script[text/javascript], X-Powered-By[Express], X-UA-Compatible[IE=edge]
Detected Plugins:
[ Bootstrap ]
Bootstrap is an open source toolkit for developing with
HTML, CSS, and JS.
Version : 4.1.0
Version : 4.1.0
Version : 4.1.0
Version : 4.1.0
Version : 4.1.0
Version : 4.1.0
Website : https://getbootstrap.com/
[ HTML5 ]
HTML version 5, detected by the doctype declaration
[ HTTPServer ]
HTTP server header string. This plugin also attempts to
identify the operating system from the server header.
OS : Ubuntu Linux
String : nginx/1.18.0 (Ubuntu) (from server string)
[ JQuery ]
A fast, concise, JavaScript that simplifies how to traverse
HTML documents, handle events, perform animations, and add
AJAX.
Version : 3.0.0
Website : http://jquery.com/
[ Script ]
This plugin detects instances of script HTML elements and
returns the script language/type.
String : text/javascript
[ X-Powered-By ]
X-Powered-By HTTP header
String : Express (from x-powered-by string)
[ X-UA-Compatible ]
This plugin retrieves the X-UA-Compatible value from the
HTTP header and meta http-equiv tag. - More Info:
http://msdn.microsoft.com/en-us/library/cc817574.aspx
String : IE=edge
[ nginx ]
Nginx (Engine-X) is a free, open-source, high-performance
HTTP server and reverse proxy, as well as an IMAP/POP3
proxy server.
Version : 1.18.0
Website : http://nginx.net/
HTTP Headers:
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 Feb 2023 22:45:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: Express
ETag: W/"b41-tn8t3x3qcvcm126OQ/i0AXwBj8M"
Content-Encoding: gzip

100
HTB/awkward/results/hat-valley.htb/scans/tcp80/xml/tcp_80_http_nmap.xml Normal file
View File

@@ -0,0 +1,100 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.93 scan initiated Tue Feb 7 23:45:13 2023 as: nmap -vv -&#45;reason -Pn -T4 -sV -p 80 &quot;-&#45;script=banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)&quot; -oN /home/kali/htb/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_nmap.txt -oX /home/kali/htb/awkward/results/hat-valley.htb/scans/tcp80/xml/tcp_80_http_nmap.xml hat-valley.htb -->
<nmaprun scanner="nmap" args="nmap -vv -&#45;reason -Pn -T4 -sV -p 80 &quot;-&#45;script=banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)&quot; -oN /home/kali/htb/awkward/results/hat-valley.htb/scans/tcp80/tcp_80_http_nmap.txt -oX /home/kali/htb/awkward/results/hat-valley.htb/scans/tcp80/xml/tcp_80_http_nmap.xml hat-valley.htb" start="1675809913" startstr="Tue Feb 7 23:45:13 2023" version="7.93" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1" services="80"/>
<verbose level="2"/>
<debugging level="0"/>
<taskbegin task="NSE" time="1675809913"/>
<taskend task="NSE" time="1675809913"/>
<taskbegin task="NSE" time="1675809913"/>
<taskend task="NSE" time="1675809913"/>
<taskbegin task="NSE" time="1675809913"/>
<taskend task="NSE" time="1675809913"/>
<taskbegin task="SYN Stealth Scan" time="1675809913"/>
<taskend task="SYN Stealth Scan" time="1675809913" extrainfo="1 total ports"/>
<taskbegin task="Service scan" time="1675809913"/>
<taskend task="Service scan" time="1675809919" extrainfo="1 service on 1 host"/>
<taskbegin task="NSE" time="1675809919"/>
<taskprogress task="NSE" time="1675809950" percent="99.02" remaining="1" etc="1675809950"/>
<taskprogress task="NSE" time="1675809980" percent="99.02" remaining="1" etc="1675809981"/>
<taskprogress task="NSE" time="1675810010" percent="99.67" remaining="1" etc="1675810010"/>
<taskprogress task="NSE" time="1675810040" percent="99.67" remaining="1" etc="1675810040"/>
<taskprogress task="NSE" time="1675810070" percent="99.67" remaining="1" etc="1675810070"/>
<taskprogress task="NSE" time="1675810100" percent="99.67" remaining="1" etc="1675810101"/>
<taskprogress task="NSE" time="1675810130" percent="99.67" remaining="1" etc="1675810131"/>
<taskprogress task="NSE" time="1675810160" percent="99.67" remaining="1" etc="1675810161"/>
<taskprogress task="NSE" time="1675810190" percent="99.67" remaining="1" etc="1675810191"/>
<taskprogress task="NSE" time="1675810220" percent="99.67" remaining="1" etc="1675810221"/>
<taskprogress task="NSE" time="1675810250" percent="99.67" remaining="2" etc="1675810251"/>
<taskprogress task="NSE" time="1675810280" percent="99.67" remaining="2" etc="1675810281"/>
<taskprogress task="NSE" time="1675810310" percent="99.67" remaining="2" etc="1675810311"/>
<taskprogress task="NSE" time="1675810340" percent="99.67" remaining="2" etc="1675810341"/>
<taskprogress task="NSE" time="1675810370" percent="99.67" remaining="2" etc="1675810371"/>
<taskprogress task="NSE" time="1675810400" percent="99.67" remaining="2" etc="1675810402"/>
<taskprogress task="NSE" time="1675810430" percent="99.67" remaining="2" etc="1675810432"/>
<taskprogress task="NSE" time="1675810460" percent="99.67" remaining="2" etc="1675810462"/>
<taskprogress task="NSE" time="1675810490" percent="99.67" remaining="2" etc="1675810492"/>
<taskprogress task="NSE" time="1675810520" percent="99.67" remaining="2" etc="1675810522"/>
<taskprogress task="NSE" time="1675810550" percent="99.67" remaining="3" etc="1675810552"/>
<taskprogress task="NSE" time="1675810580" percent="99.67" remaining="3" etc="1675810582"/>
<taskprogress task="NSE" time="1675810610" percent="99.67" remaining="3" etc="1675810612"/>
<taskprogress task="NSE" time="1675810640" percent="99.67" remaining="3" etc="1675810642"/>
<taskprogress task="NSE" time="1675810670" percent="99.67" remaining="3" etc="1675810672"/>
<taskprogress task="NSE" time="1675810700" percent="99.67" remaining="3" etc="1675810703"/>
<taskend task="NSE" time="1675810728"/>
<taskbegin task="NSE" time="1675810728"/>
<taskend task="NSE" time="1675810729"/>
<taskbegin task="NSE" time="1675810729"/>
<taskend task="NSE" time="1675810729"/>
<host starttime="1675809913" endtime="1675810729"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.10.11.185" addrtype="ipv4"/>
<hostnames>
<hostname name="hat-valley.htb" type="user"/>
<hostname name="awkward.htb" type="PTR"/>
</hostnames>
<ports><port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="63"/><service name="http" product="nginx" version="1.18.0" extrainfo="Ubuntu" ostype="Linux" method="probed" conf="10"><cpe>cpe:/a:igor_sysoev:nginx:1.18.0</cpe><cpe>cpe:/o:linux:linux_kernel</cpe></service><script id="http-wordpress-enum" output="Nothing found amongst the top 100 resources,use -&#45;script-args search-limit=&lt;number|all&gt; for deeper analysis)"/><script id="http-drupal-enum" output="Nothing found amongst the top 100 resources,use -&#45;script-args number=&lt;number|all&gt; for deeper analysis)"/><script id="http-fetch" output="Please enter the complete path of the directory to save data in."><elem key="ERROR">Please enter the complete path of the directory to save data in.</elem>
</script><script id="http-referer-checker" output="Couldn&apos;t find any cross-domain scripts."/><script id="http-config-backup" output="ERROR: Script execution failed (use -d to debug)"/><script id="http-chrono" output="ERROR: Script execution failed (use -d to debug)"/><script id="http-dombased-xss" output="Couldn&apos;t find any DOM based XSS."/><script id="http-devframework" output="Express detected. Found Express in X-Powered-By Header"/><script id="http-sitemap-generator" output="&#xa; Directory structure:&#xa; Longest directory structure:&#xa; Depth: 0&#xa; Dir: /&#xa; Total files found (by extension):&#xa; &#xa;"/><script id="http-date" output="Tue, 07 Feb 2023 22:45:20 GMT; 0s from local time."><elem key="date">2023-02-07T22:45:20+00:00</elem>
<elem key="delta">0.0</elem>
</script><script id="http-feed" output="Couldn&apos;t find any feeds."/><script id="http-enum" output="&#xa; /css/: Potentially interesting folder&#xa; /js/: Potentially interesting folder&#xa;"/><script id="http-jsonp-detection" output="Couldn&apos;t find any JSONP endpoints."/><script id="http-comments-displayer" output="Couldn&apos;t find any comments."/><script id="http-errors" output="Couldn&apos;t find any error pages."/><script id="http-useragent-tester" output="&#xa; Status for browser useragent: 200&#xa; Allowed User Agents: &#xa; Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)&#xa; libwww&#xa; lwp-trivial&#xa; libcurl-agent/1.0&#xa; PHP/&#xa; Python-urllib/2.5&#xa; GT::WWW&#xa; Snoopy&#xa; MFC_Tear_Sample&#xa; HTTP::Lite&#xa; PHPCrawl&#xa; URI::Fetch&#xa; Zend_Http_Client&#xa; http client&#xa; PECL::HTTP&#xa; Wget/1.13.4 (linux-gnu)&#xa; WWW-Mechanize/1.34"><elem key="Status for browser useragent">200</elem>
<table key="Allowed User Agents">
<elem>Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)</elem>
<elem>libwww</elem>
<elem>lwp-trivial</elem>
<elem>libcurl-agent/1.0</elem>
<elem>PHP/</elem>
<elem>Python-urllib/2.5</elem>
<elem>GT::WWW</elem>
<elem>Snoopy</elem>
<elem>MFC_Tear_Sample</elem>
<elem>HTTP::Lite</elem>
<elem>PHPCrawl</elem>
<elem>URI::Fetch</elem>
<elem>Zend_Http_Client</elem>
<elem>http client</elem>
<elem>PECL::HTTP</elem>
<elem>Wget/1.13.4 (linux-gnu)</elem>
<elem>WWW-Mechanize/1.34</elem>
</table>
</script><script id="http-mobileversion-checker" output="No mobile version detected."/><script id="http-csrf" output="Couldn&apos;t find any CSRF vulnerabilities."/><script id="http-server-header" output="nginx/1.18.0 (Ubuntu)"><elem>nginx/1.18.0 (Ubuntu)</elem>
</script><script id="http-stored-xss" output="Couldn&apos;t find any stored XSS vulnerabilities."/><script id="http-title" output="Hat Valley"><elem key="title">Hat Valley</elem>
</script><script id="http-php-version" output="Logo query returned unknown hash eec43f2e72fc1fa2be35d0ba190ea4fd&#xa;Credits query returned unknown hash eec43f2e72fc1fa2be35d0ba190ea4fd"/><script id="http-litespeed-sourcecode-download" output="Request with null byte did not work. This web server might not be vulnerable"/><script id="http-malware-host" output="Host appears to be clean"/><script id="http-favicon" output="Unknown favicon MD5: 56BF0DDEA4641BFDDD743E1B04149554"/><script id="http-security-headers" output=""></script><script id="http-methods" output="&#xa; Supported Methods: GET HEAD POST OPTIONS"><table key="Supported Methods">
<elem>GET</elem>
<elem>HEAD</elem>
<elem>POST</elem>
<elem>OPTIONS</elem>
</table>
</script><script id="http-wordpress-users" output="[Error] Wordpress installation was not found. We couldn&apos;t find wp-login.php"/><script id="http-vhosts" output="&#xa;128 names had status 200"/><script id="http-headers" output="&#xa; Server: nginx/1.18.0 (Ubuntu)&#xa; Date: Tue, 07 Feb 2023 22:45:25 GMT&#xa; Content-Type: text/html; charset=UTF-8&#xa; Content-Length: 2881&#xa; Connection: close&#xa; X-Powered-By: Express&#xa; Accept-Ranges: bytes&#xa; ETag: W/&quot;b41-tn8t3x3qcvcm126OQ/i0AXwBj8M&quot;&#xa; &#xa; (Request type: HEAD)&#xa;"/></port>
</ports>
<times srtt="40410" rttvar="40410" to="202050"/>
</host>
<taskbegin task="NSE" time="1675810729"/>
<taskend task="NSE" time="1675810729"/>
<taskbegin task="NSE" time="1675810729"/>
<taskend task="NSE" time="1675810729"/>
<taskbegin task="NSE" time="1675810729"/>
<taskend task="NSE" time="1675810729"/>
<runstats><finished time="1675810729" timestr="Tue Feb 7 23:58:49 2023" summary="Nmap done at Tue Feb 7 23:58:49 2023; 1 IP address (1 host up) scanned in 816.11 seconds" elapsed="816.11" exit="success"/><hosts up="1" down="0" total="1"/>
</runstats>
</nmaprun>